Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
245291	7.5	危険	easyfill	-	EasyFill における SQL インジェクションの脆弱性	-	CVE-2006-6555	2012-06-26 15:38	2006-12-14	Show	GitHub Exploit DB Packet Storm

245292	3.5	注意	cPanel	-	cPanel WHM におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6548	2012-06-26 15:38	2006-12-14	Show	GitHub Exploit DB Packet Storm

245293	7.5	危険	cutenews aj-fork	-	CN:AJ の inc/shows.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6546	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

245294	6.8	警告	cm68 news	-	CM68 News におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6544	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

245295	7.5	危険	appintellect	-	AppIntellect SpotLight CRM の login.asp における SQL インジェクションの脆弱性	-	CVE-2006-6543	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

245296	7.5	危険	fantastic news	-	Falt4Extreme RC4 の index.php における SQL インジェクションの脆弱性	-	CVE-2006-6542	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

245297	6.8	警告	bluetrait	-	Bluetrait の bt-trackback.php における SQL インジェクションの脆弱性	-	CVE-2006-6540	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

245298	10	危険	flippet.org	-	Wawi におけるバッファオーバーフローの脆弱性	-	CVE-2006-6539	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

245299	7.8	危険	D-Link Systems, Inc.	-	D-LINK DWL-2000AP+ におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6538	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

245300	6.8	警告	cilem	-	Cilem Haber Free Edition の hata.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6536	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
219411	6.1	MEDIUM Network	wso2	api_manager identity_server	An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. When a custom claim dialect with an XSS payload is configured in the identity provider…	CWE-79 Cross-site Scripting	CVE-2019-20437	2024-11-21 13:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

219412	6.1	MEDIUM Network	wso2	api_manager identity_server	An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. If there is a claim dialect configured with an XSS payload in the dialect URI, and a u…	CWE-79 Cross-site Scripting	CVE-2019-20436	2024-11-21 13:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

219413	4.8	MEDIUM Network	wso2	api_manager	An issue was discovered in WSO2 API Manager 2.6.0. A reflected XSS attack could be performed in the inline API documentation editor page of the API Publisher by sending an HTTP GET request with a har…	CWE-79 Cross-site Scripting	CVE-2019-20435	2024-11-21 13:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

219414	4.8	MEDIUM Network	wso2	api_manager	An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Datasource creation page of the Management Console.	CWE-79 Cross-site Scripting	CVE-2019-20434	2024-11-21 13:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

219415	4.8	MEDIUM Network	wso2	api_manager identity_server enterprise_integrator	An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulner…	CWE-79 Cross-site Scripting	CVE-2019-20443	2024-11-21 13:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

219416	4.8	MEDIUM Network	wso2	api_manager identity_server enterprise_integrator	An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulner…	CWE-79 Cross-site Scripting	CVE-2019-20442	2024-11-21 13:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

219417	4.8	MEDIUM Network	wso2	api_manager	An issue was discovered in WSO2 API Manager 2.6.0. A potential Stored Cross-Site Scripting (XSS) vulnerability has been identified in the 'implement phase' of the API Publisher.	CWE-79 Cross-site Scripting	CVE-2019-20441	2024-11-21 13:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

219418	4.8	MEDIUM Network	wso2	api_manager	An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the update API documentation feature of the API Publisher.	CWE-79 Cross-site Scripting	CVE-2019-20440	2024-11-21 13:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

219419	9.1	CRITICAL Network	gnu	aspell	libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the…	CWE-125 Out-of-bounds Read	CVE-2019-20433	2024-11-21 13:38	2020-01-28	Show	GitHub Exploit DB Packet Storm

219420	7.5	HIGH Network	lustre	lustre	In the Lustre file system before 2.12.3, the mdt module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. mdt_file_secctx_unpack doe…	CWE-787 Out-of-bounds Write	CVE-2019-20432	2024-11-21 13:38	2020-01-27	Show	GitHub Exploit DB Packet Storm